Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

How GitHub Is Securing the Software Supply Chain

In light of recent cyberattacks and growing security concerns, GitHub is taking immediate and direct action to secure the ...
Developer Tech

XZ attack reveals unlearned open-source security lessons

The XZ attack is a backdoor that reminds us our biggest open-source security threats are from decades of unlearned lessons.
Infosecurity Magazine

How Enterprises Can Manage Open-Source Security When the Shift Left Meets End of Life

Learn how DevSecOps shifts security left and right across the software lifecycle and why understanding end-of-life risks is ...

10 open-source apps I recommend every Windows user try - for free

These free, open-source tools will make your Windows PC more powerful and give you a serious productivity boost.
LinuxInsider

Open-Source Model Near Breaking Point Despite Trillions in Value

A coalition of open-source stewards warns that the software industry’s reliance on goodwill to maintain critical ...
Nextgov

Report: Russia-based Yandex employee oversees open-source software approved for DOD use

A Russia-based Yandex employee is the sole maintainer of a widely used open-source tool embedded in at least 30 pre-built software packages in the Department of Defense, raising potential risks of ...
Security Boulevard

Get the best from AI in software development without risking the worst

Discover how to harness AI in software development while minimizing risks. Learn strategies for secure coding practices, managing AI-generated code risks, and implementing effective security measures.